Cybersecurity, Privacy and a Host of Technologies Challenge Audit in the Enterprise

Changing Roles, Responsibilities and Workforce Factors in the Spotlight of New Research from ISACA and Protiviti

Schaumburg, IL, USA (13 May 2019) – Cybersecurity, privacy and technologies—from mission-critical to digitally transformative—top the list of challenges IT audit teams and leaders grapple with every day, according to a first release of the 2019 IT Audit Benchmarking Study conducted by ISACA and global consulting firm Protiviti.

An Executive Summary of the study, published today in conjunction with the opening of the ISACA North America CACS conference and IT Audit Leadership Summit in Anaheim, provides key takeaways and analyses derived from this eighth annual survey of IT audit leaders and professionals from around the world. The summary also notes the growing role and responsibilities of IT audit in digital transformation, partnerships between the IT organization and IT audit function, and differences in how IT audit leaders operate compared to other IT audit professionals.

The 2019 IT Audit Benchmarking Study, which will be released in full later this year, found that the biggest challenges for IT auditors were:

More respondents this year said their organizations are interested in using advanced technologies, including robotic process automation, artificial intelligence (AI), machine learning and deep learning, as well as continuous auditing and monitoring, to drive greater revenue, profitability and shareholder value, and increased productivity and cost efficiencies. These findings align with other recent research from both ISACA and Protiviti on digital transformation. For example, ISACA's Digital Transformation Barometer Research found that respondents saw big data and AI/machine learning/cognitive technology as the top emerging technologies that were most likely to deliver the greatest value to their organizations.

“More organizations are more rapidly embracing emerging technologies as part of their digital transformations. IT auditors play pivotal and key partnership roles in those journeys, mitigating risk and accelerating expected business benefits,” said Rob Clyde, ISACA board chair and Titus board director.

Though there is interest in new technology implementation, many organizations face difficulties in finding professionals with the right knowledge and skills, or in training current staff in new skills. According to the survey, the skills that organizations most seek in new hires are related to advanced and enabling technologies, critical thinking and data science. This echoes findings from ISACA’s Future of IT Audit study, in which many of the surveyed auditors indicated that a technical skills gap has an impact on performing IT audits with a high degree of confidence.

Additionally, the 2019 IT Audit Benchmarking Study compares responses between those IT audit organizations identified as leaders—defined as those IT audit groups that have a strong partnership with their company’s IT function—and those IT audit organizations that do not have these strong partnerships. This comparison provides insights into how each group sees their own role, as well as their views of collaboration or processes within their own group.

For example, one survey question explored whether there was a formal process to determine whether to continue or postpone a strategic technology project if new risks are identified while the implementation process is underway. Fifty-nine percent of leaders indicated this process does exist, compared to 48 percent of non-leaders.

“The data from this report can help IT audit teams better understand the dynamic between different roles, as well as where there may be gaps they need to bridge in order to collaborate most effectively,” said Andrew Struthers-Kennedy, managing director and leader, IT Audit practice, Protiviti. “By better understanding each group's perspective and addressing any discrepancies, they can improve the quality of their partnership and outcomes.”

ISACA’s technical research manager Robin Lyons echoed the importance and wide scope of partnerships essential to IT audit success. “Just as operational effectiveness is continually assessed, IT auditors must establish and evolve ongoing partnerships across the organization, with IT and business teams and leadership. These dynamics are more important than ever, given the pace of change, opportunities and competition,” she said.

The 2019 IT Audit Benchmarking Study executive summary is available as a free download from ISACA’s web site.

About Protiviti

Protiviti (www.protiviti.com) is a global consulting firm that delivers deep expertise, objective insights, a tailored approach and unparalleled collaboration to help leaders confidently face the future. Through its network of more than 80 offices in over 25 countries, Protiviti and its independently owned Member Firms provide clients with consulting solutions in finance, technology, operations, data, analytics, governance, risk and internal audit.

Named to the 2019 Fortune 100 Best Companies to Work For® list, Protiviti has served more than 60 percent of Fortune 1000® and 35 percent of Fortune Global 500®companies. The firm also works with smaller, growing companies, including those looking to go public, as well as with government agencies. Protiviti is a wholly owned subsidiary of Robert Half (NYSE: RHI). Founded in 1948, Robert Half is a member of the S&P 500 index.

About ISACA

Now in its 50th anniversary year, ISACA® (isaca.org) is a global association helping individuals and enterprises achieve the positive potential of technology. ISACA equips professionals with the knowledge, credentials, education and community to advance their careers and transform their organizations. ISACA leverages the expertise of its 460,000 engaged professionals—including 140,000 members—in information and cyber security, governance, assurance, risk and innovation, as well as its enterprise performance subsidiary, CMMI® Institute, to help advance innovation through technology. ISACA has a presence in more than 188 countries, including more than 220 chapters worldwide and offices in both the United States and China.